CentOS 8 Default iptables rules Question
Posted: 2020/09/13 01:16:28
Hello All, I'm new to Linux and CentOS. At this time I'm working on getting familiar with iptables. Based on my online findings I've come up with the rules below. Can anyone help confirm if I'm on the right track? Have I locked down my test workstation properly? Am I missing any other rule? The test workstation only needs to be able to ping its loopback interface and access the internet and not anything else.
Any and all help is very much appreciated.
F3rn
Rules on test workstation I entered and tested. I'm able to ping my loopback interface and have access to the internet.
1 - Flushed all chain rules
2 - Added a rule to the INPUT chain to ACCEPT all loopback traffic
3 - Added a rule to the OUTPUT chain to accept all loopback traffic
3 - Changed the INPUT, OUTPUT and FORWARD chains to DROP all traffic
4 - Added a rule to the INPUT chain to ACCEPT all ESTABLISHED and RELATED traffic
5 - Added a rule to the OUTPUT chain to ACCEPT all NEW, ESTABLISHED and RELATED traffic
6 - Added a rule to drop all else incoming INPUT chain traffic
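Added example, not part of F3rn's post: the steps listed above written as an `iptables-restore` ruleset, plus a small audit that checks the two properties the post is asking about (all three policies are DROP, and nothing on INPUT is accepted except loopback and reply traffic). The function names `ruleset` and `audit_ruleset` are hypothetical, and the use of `-m conntrack --ctstate` is an assumption, since the post does not say which state match was used.

```shell
#!/bin/sh
# Emit the ruleset from the post in iptables-restore format.
# Assumption: connection state is matched with -m conntrack --ctstate.
ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
-A INPUT -j DROP
COMMIT
EOF
}
# The last INPUT rule repeats what the DROP policy already does; it is
# harmless, but it must stay last or it shadows every rule after it.

# Read a ruleset on stdin and return 0 only if it is locked down the way
# the post intends.
audit_ruleset() {
    rules=$(cat)
    for chain in INPUT FORWARD OUTPUT; do
        printf '%s\n' "$rules" | grep -q "^:$chain DROP " || {
            echo "policy of $chain is not DROP" >&2
            return 1
        }
    done
    # Every INPUT ACCEPT rule must be loopback-only or limited to
    # ESTABLISHED,RELATED; anything else admits new inbound connections.
    bad=$(printf '%s\n' "$rules" \
        | grep -E '^-A INPUT .*-j ACCEPT' \
        | grep -Ev -e '-i lo ' \
                   -e '--ctstate (ESTABLISHED,RELATED|RELATED,ESTABLISHED) ' \
        || true)
    [ -z "$bad" ] || {
        echo "INPUT accepts unsolicited traffic: $bad" >&2
        return 1
    }
}

# Usage (as root): ruleset | iptables-restore --test   # parse only, no commit
#                  ruleset | audit_ruleset && echo "ruleset matches intent"
```

Loading the whole ruleset through `iptables-restore` applies policies and rules in one commit, so there is no window where the policy is already DROP but the loopback and ESTABLISHED rules are not yet in place.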